The Brain Mill
https://www.thebrainmill.com
Sat, 14 Sep 2019 16:46:53 +0000

Microsoft Is Extending Windows 7 Support For Only Some Users
Sat, 14 Sep 2019 15:00:00 +0000
https://www.thebrainmill.com/2019/09/14/microsoft-is-extending-windows-7-support-for-only-some-users/

There's some good news for Enterprise users who are still using Windows 7. By now, almost everyone is aware that the company is bringing support for the aging operating system to a close.

The original time frame for formally ending support and for ending the issuance of security updates was set for as soon as January 2020.

Enterprise users, however, were given the option of paying for additional support for a limited window of time to give them a little longer to migrate away from Windows 7 and onto a more modern OS. Unfortunately, that window is now rapidly closing too. Recently, Microsoft announced a limited-time promotion for EA (Enterprise Agreement) and EAS (Enterprise Subscription Agreement) customers which will give them an extra year of Windows 7 security updates for free.

There is a catch, of course. You have to have an active subscription to either Windows 10 E5, Microsoft 365 E5, or Microsoft 365 Security. If you do, you can take advantage of the offer and milk a little more time and life out of your Windows 7 systems.

That's big news for any company of any size that's struggling to migrate away from an old legacy system that depends on Windows 7 to function properly, because the costs of continuing to receive Windows 7 security updates beyond the January 2020 deadline are per device and increase every year.

In 2020, you'll pay $25 per device, which will double to $50 per device in year two and again to $100 per device in year three. If you're using Windows 7 Pro, your costs are even higher: $50 in year one, $100 in year two, and a staggering $200 per device in year three.

The bottom line is, if you need the extra time to move away from Windows 7, it pays to take advantage of Microsoft's recent offer.

Hackers Are Using Resumes To Deliver Malicious Software
Thu, 12 Sep 2019 15:00:00 +0000
https://www.thebrainmill.com/2019/09/12/hackers-are-using-resumes-to-deliver-malicious-software/

Hackers have used poisoned documents to deliver malware payloads for years. Recently though, researchers at the security company Cofense have spotted a new twist to the ploy, aimed squarely at HR departments. The recently detected campaign uses fake resume attachments to deliver the Quasar Remote Administration Tool (affectionately known as RAT) to any unsuspecting Windows user who can be tricked into jumping through a few hoops.

Here's how it works:

An email containing a document that appears to be a resume is sent to someone in a given company. The document is password protected, but the password is politely included in the body of the email, and is usually something simple like '123.' If the user enters the password, a popup box will appear, asking the user if he/she wants to enable macros.

Up to this point, the attack is fairly standard, but here's where it gets interesting:

If the macros are allowed to run, they'll display a series of images and a message announcing that content is loading. What it's actually doing is throwing out garbage code that's designed to crash analysis and detection tools while RAT is installed quietly in the background.

At that point, the system is compromised. RAT's capabilities give the hackers the ability to open remote desktop connections, log keystrokes and steal passwords, record any webcams in use, download files, and capture screenshots of the infected machine.

Worst of all, the first part of the infection process knocks out most detection programs, so the hackers generally have a large window of time to take advantage of the newly created beachhead. They can cause all manner of havoc in your network or simply choose to quietly siphon proprietary data from your systems.

Be on the alert and make sure your HR staff is aware. This is a nasty campaign and it's just hitting stride.

Watch Out For Old Hacking Technique Offering Free Downloads
Wed, 11 Sep 2019 15:00:00 +0000
https://www.thebrainmill.com/2019/09/11/watch-out-for-old-hacking-technique-offering-free-downloads/

An old hacking technique is getting new attention from hackers around the world, and it underscores the fact that people must exercise extreme caution when it comes to deciding who to trust and where to download files from.

Hackers have long been in the business of spoofing legitimate sites, making exact replicas of popular websites offering a variety of free downloads.

Of course, you find yourself on the poisoned domain rather than the legitimate site, and instead of getting genuinely useful code, what you download will be malware of one type or another.

The most recently discovered instance of this involves the Smart Game Booster site. Smart Game Booster is a legitimate piece of code that helps to improve the performance of the games you play, and it has become popular enough that it's caught the attention of at least one hacking group. That group cloned the site and pretends to offer the same product.

In this case though, the malware the hackers deploy is one of the more insidious we've seen. Unlike many malware attacks which latch onto a system with a persistent presence, this one runs only once and then deletes itself. Even more alarming is that it leaves no trace that it was ever there.

When it runs, it scans the infected device for passwords, your browser history, any cryptocurrency wallets you may have, and a wide range of other critical files. It collects these and sends all the data to its command and control server, and then self-destructs.

With no outward sign, many users will be completely unaware that there's a problem until they start seeing suspicious charges on credit cards, noticing funds being removed from bank accounts and the like. By then of course, it's far too late.

The bottom line here is simple: Be mindful about where you download files from. Check your URLs, and unless you can't avoid it, never stray far from the big, well-respected sites like the Apple Store, Microsoft Store, or Google Play Store. It's just not worth the risk.

Another IRS Phishing Campaign To Watch Out For
Tue, 10 Sep 2019 15:00:00 +0000
https://www.thebrainmill.com/2019/09/10/another-irs-phishing-campaign-to-watch-out-for/

The Internal Revenue Service recently issued a warning that all taxpayers should be aware of.

The agency has received a growing number of reports concerning unsolicited email messages bearing the subject lines:

Electronic Tax Return Reminder

Automatic Income Tax Reminder

These messages are not from the IRS, but rather, from spammers trying to steal your information.

According to a spokesman for the IRS:

"The emails have links that show an IRS.gov-like website with details pretending to be about the taxpayer's refund, electronic return or tax account. The emails contain a 'temporary password' or 'one-time password' to 'access' the files to submit the refund. But when taxpayers try to access these, it turns out to be a malicious file. The IRS does not send emails about your tax refund or sensitive information. This latest scheme is yet another reminder that tax scams are a year-round business for thieves. We urge you to be on-guard at all times."

These are wise words, and a warning that absolutely should be heeded. Unfortunately, this most recent scam utilizes dozens of different compromised websites to mimic IRS.gov, and this far-flung network of sites makes the scam very difficult to shut down in its entirety.

What's most unfortunate about scams like these is that they seem to disproportionately impact the elderly. Many of the elderly have slowly begun adopting basic technologies like email, but don't have the tech skills to spot scams when they appear in their inboxes.

We all know at least a few people who fall into that category, so be sure to spread the word about this issue to anyone you know who may be especially susceptible to falling for scams like these. The more people we can protect, the less profitable the attack becomes. Perhaps we can even gain enough ground to make it more trouble than it's worth to the scammers, forcing them to look elsewhere.

Windows 10 May Make WordPad And Paint Downloadable Soon
Mon, 09 Sep 2019 15:00:00 +0000
https://www.thebrainmill.com/2019/09/09/windows-10-may-make-wordpad-and-paint-downloadable-soon/

There's another chapter in the ongoing MS Paint saga.

In case you missed the first part of the story, several months ago, Microsoft upset its user base when a Windows 10 Build took Paint out of the equation. They replaced it with an updated version of the software that supported 3D effects and other advanced features.

They made the original Paint, which has been part of the Windows ecosystem since the earliest versions, available as an optional download.

The program was never that good or the best in class, so the company was astounded by the blowback that followed. The company's massive user base revolted, and Microsoft quickly backed away from their original plan to retire it, stating that they'd revisit the issue at a later date.

Now seems to be that 'later date' the company was referring to. Windows Insiders spotted a change that foretells an ominous future for the venerable piece of code. In all prior versions of Windows, it was impossible to uninstall either WordPad or Paint, but in the latest build, both are listed as optional features. As such, they can be uninstalled if the user wishes.

This is the same basic arc the company used to slowly get rid of Windows Media Player. Fans of Paint (and it has legions of fans, apparently) fear that the old art program is destined to meet a similar fate. The same goes for WordPad, which has a significantly smaller fan following and isn't causing as much of an uproar.

Microsoft continues to try to assure users that the original Paint will be made freely available in the Microsoft Store for anyone who wants it, but fans of the old program are not satisfied. Admittedly, although a small thing, the eventual loss of Paint will feel like the end of an era.

Texas Government Gets Hit With Major Ransomware Attack
Sat, 07 Sep 2019 15:00:00 +0000
https://www.thebrainmill.com/2019/09/07/texas-government-gets-hit-with-major-ransomware-attack/

This year stands to shatter last year's record in terms of the number of successful hacks against businesses and government agencies. It seems that the hackers have a new favored tool: The ransomware attack.

According to statistics gathered by Malwarebytes, attacks against government and business are up by a whopping 365 percent.

Set against this backdrop, the fact that Texas local government offices have recently been paralyzed by a ransomware attack is unsurprising. What is more surprising, however, is the scope, scale and highly coordinated nature of those attacks. In all, a total of 22 local government agencies were affected, which had the impact of stopping local services in towns across the state.

The incident is being managed by the Texas Department of Information Resources (TDIR). To date, they have not revealed the names of the local agencies that were impacted, nor have they been forthcoming with any details other than the following:

"At this time, the evidence gathered indicates the attacks came from one single threat actor. Investigations into the origins of this attack are ongoing; however, responses and recovery are the priority at this time."

Give yourself a moment to let that sink in.

A single threat actor coordinated a successful state-wide attack that brought down services in 22 different local agencies. It's no secret that hackers around the world are learning from each other, creating "hacking best practices," and congregating into larger and more organized groups.

As they do so, they're able to tackle increasingly larger and more robust targets. If these groups can impact a significant portion of a state like Texas today, what will they be capable of by next year? This has all the earmarks of a trial run for an even larger attack, and that should unsettle everyone.

Medical Device Security Outlook Continues To Look Bleak
Fri, 06 Sep 2019 15:00:00 +0000
https://www.thebrainmill.com/2019/09/06/medical-device-security-outlook-continues-to-look-bleak/

There's a mix of good news and bad news concerning the security of smart devices in general, and smart medical devices specifically. As most people are aware, the Internet of Things (IoT) has a serious problem.

The overwhelming majority of such devices have little to no security and are incredibly easy to hack.

The good news is that the FDA has developed, and is continuing to improve on, an increasingly robust set of security guidelines that will shape the development of future generations of smart medical equipment. These improvements guarantee a much more robust and secure environment that will undoubtedly have ripple effects into the broader market for smart devices.

Now, the not so good news:

The current generation of smart devices has been designed to last 15-20 years, and if improvements are made to the security of those devices, they will come very slowly. Odds are good that they won't come at all, at least not in any meaningful way.

On top of that, although the FDA has made a very good start, the new guidelines are a long way from being completed. The approval process for each incremental change they make is a tortuous one. The long, convoluted process will guarantee that it's still quite some time before we have anything truly solid in place, but at least they're moving in the right direction.

The conclusion then, is unavoidable. The cybersecurity of medical devices is destined to be dangerously inadequate for at least the next two decades. Granted, we'll see incremental improvement during that time, but it's going to take a very long time for the smart medical devices currently in use to be retired and replaced by their more secure successor products.

Open Source Programs Continue To Get Attacked By Hackers
Thu, 05 Sep 2019 15:00:00 +0000
https://www.thebrainmill.com/2019/09/05/open-source-programs-continue-to-get-attacked-by-hackers/

This year hasn't been good for users of Open Source software, which at one level or another, includes just about everybody. Unfortunately, a recent grim discovery makes it unlikely that we'll see the number of attacks decline any time soon. Not long ago, two new back doors were discovered in more than a dozen libraries that have been downloaded hundreds of thousands of times by server administrators.

One of them was discovered in Webmin, which is a web-based administration tool that boasts over a million installations.

While the exact date is unknown, sometime in the early part of 2018, someone compromised the server that was used to develop new versions of the program. Once compromised, the unknown assailant used the access to distribute a backdoor that was downloaded nearly a million times, and is no doubt actively used by tens of thousands of internet-facing servers. If you're using versions 1.90, 1.91, or 1.92 of Webmin, you are impacted and at risk.

The second recent discovery concerns the RubyGems repository. Here, the backdoor allows attackers to use pre-chosen credentials to remotely execute commands on infected servers. In addition to that, RubyGems developers also discovered that a cryptocurrency miner had been slipped into the code. That allows hackers to hijack infected servers to use their processing power for illicit mining operations, sending the proceeds to the hackers themselves.

These types of attacks can have an incredibly high impact because they tend to affect servers that sit at the heart of critical processes, like sending bulk emails or serving web pages. Unfortunately, once a system is infected like this, the only way to secure it is to perform a complete rebuild, which is a time- and resource-intensive task that few business owners want to contemplate.

Nvidia Releases Graphics Drivers With Major Improvements
Wed, 04 Sep 2019 15:00:00 +0000
https://www.thebrainmill.com/2019/09/04/nvidia-releases-graphics-drivers-with-major-improvements/

There's great news today in the tech realm for gamers around the world.

Nvidia recently announced a major driver update for its graphics cards that offers a variety of improvements. The 436.02 update promises a framerate improvement of up to 23 percent for World War Z, Strange Brigade, Forza Horizon 4, Battlefield V, and Apex Legends.

The new update also includes a Freestyle sharpening filter, and an ultra-low latency mode. That is the big draw, and it's designed specifically with highly competitive games in mind. It can reduce latency by up to 33 percent and will work on DirectX 9 and DirectX 11 titles. Unfortunately, Vulkan and DirectX 12 games won't see any benefit.

If you're a fan of pixel art games like FTL or Terraria, you'll be pleased to know that the most recent update includes GPU integer scaling, which will allow you to scale up retro games like these without blurriness.

In addition to these changes, Nvidia is also expanding its G-Sync compatibility list to include Asus' VG27A and Acer's CP3271 / XB273 GP monitors. The 30-bit color feature previously only found in Nvidia's Studio drivers is also included in this latest update.

This is great news for gamers, obviously. In addition, the new capabilities will also be of interest at the Enterprise level, depending on what business you're in. If your company publishes games, then naturally it will be easy for you to take advantage of the new capabilities and push your titles into new frontiers. Animation studios will also find some benefit, but honestly, just about any graphically intense application will see at least a marginal benefit from the driver update. This makes it well worth grabbing at your earliest opportunity.

YouTube Will Soon Stop Displaying Ads Targeted At Kids
Tue, 03 Sep 2019 15:00:00 +0000
https://www.thebrainmill.com/2019/09/03/youtube-will-soon-stop-displaying-ads-targeted-at-kids/

Earlier this year, Google, the parent company of YouTube, found itself in hot water for YouTube's violation of the Children's Online Privacy Protection Act (COPPA). They got in trouble for their data collection practices and the fact that the company allowed third-party ads to run rampant on videos that were more likely to be viewed by children under the age of thirteen.

As a result of the violation, the FTC and Google reached a settlement for an undisclosed amount of money, described by sources close to the matter as a "multimillion-dollar fine." Since then, YouTube has been in the process of revising their advertising policies and procedures.

Recently, the company has reported that they're finalizing changes to how ads are displayed on their site. Even better, they're outright banning advertising on videos that are more likely to be viewed by children. This is the latest in a series of moves YouTube has been making since they were found to be in violation of COPPA. They began by closing comments on video clips starring children, and then proceeded to limit recommendations "on videos that it deems as putting children at risk."

Even with this most recent change, a variety of consumer groups have claimed that YouTube's actions to date have been insufficient. There's a groundswell movement afoot that's pressing the company to move all child-focused videos into a separate "YouTube Kids" site, complete with its own app. Thus far, the company has been reluctant to take that step. However, the consumer groups are quite correct to point out that YouTube's actions to date have been less than spectacular.

The biggest issue with their latest plan is simply this: How does one differentiate between a children's video and one that isn't? What specific criteria are used to make that determination?

Unfortunately, the company has opted not to share those details to this point.